如何解决将WireGuard与Raspberrly Pi上的容器一起使用构建容器图像失败
我想使用一个容器在Raspberry Pi上运行WireGuard。
我成功安装了Podman和Buildah。我用Alpinelinux创建了一个着色器(用于RB)
并尝试在其中安装Wireguard。当我尝试执行启动服务的最后一步时,它失败了。我是这个主题的新手,所以我可能也看不到一个初学者的错误。
运行命令时出现此错误
sudo buildah run $container -- wg-quick up wg0
没有特权模式
[#] ip link add wg0 type wireguard
RTNETLINK answers: Operation not permitted
Unable to access interface: Operation not permitted
[#] ip link delete dev wg0
Cannot find device "wg0"
error while running runtime: exit status 1
ERRO exit status 1
但是当我运行命令时
sudo buildah run $container -- wg-quick up wg0
在特权模式下,我得到了
error reading build container "vpn-container": error reading build container: container not known
出什么问题了?包括我使用的文件。 容器是用buildah构建的。
这是我的buildah文件:
#!/usr/bin/env bash
echo "net.ipv4.ip_forward=1" >> local.conf
container=$(buildah from --name "vpn-container" arm32v7/alpine)
echo $container
buildah run $container -- apk add bash
buildah config --workingdir /tmp $container
buildah run $container -- mkdir /etc/wireguard
buildah copy $container local.conf /tmp
buildah run $container -- mv /tmp/local.conf /etc/sysctl.d/local.conf
buildah copy $container *WireGuard.sh /tmp
buildah run $container -- chmod +x *WireGuard.sh
buildah run $container -- ./installWireGuard.sh
buildah run $container -- ./configureWireGuard.sh
# Enable IP Forwarding
sudo buildah run $container -- wg-quick up wg0
#buildah commit $container vpn-baseimage
这是我的installWireguard.sh
#!/bin/bash
apk update
apk add -U wireguard-tools
#apk add wireguard-tools-wg
#apk add wireguard-vanilla
这是我的configureWireguard.sh
#!/bin/bash
# Generate security keys
wg genkey | tee server_private_key | wg pubkey > server_public_key
wg genkey | tee client_private_key | wg pubkey > client_public_key
server_private_key=$(wg genkey)
server_public_key=$(echo $server_private_key | wg pubkey)
client_private_key=$(wg genkey)
client_public_key=$(echo $server_private_key | wg pubkey)
echo security keys:
echo server_private_key: $server_private_key
echo server_public_key: $server_public_key
echo client_private_key: $client_private_key
echo client_public_key: $client_public_key
# Generate server configuration
cat <<EOF > wg0.conf
[Interface]
Address = 10.123.0.1/24
SaveConfig = true
PrivateKey = $server_private_key
ListenPort = 45340
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE;iptables -A FORWARD -o %i -j ACCEPT
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE;iptables -D FORWARD -o %i -j ACCEPT
EOF
chmod -r wg0.conf
cp wg0.conf /etc/wireguard/wg0.conf
# Enable autostart
#systemctl enable wg-quick@wg0
#chown -R root:root /etc/wireguard/
#chmod -R og-rwx /etc/wireguard/*
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。